System for eliminating unauthorized electronic mail

ABSTRACT

A system for eliminating unauthorized email sent to a user on a network employs an email-receiving server connected between the network and the user&#39;s email client for receiving email addressed to the user and rejecting those in which the sender address does not match any of sender addresses maintained on an “authorized senders” list (ASL list). The ASL lists are maintained by an ASL manager in an ASL database operable with a spam processor module. A redirector module rejects the email if, upon sending a request for validation to the spam processor module, the sender&#39;s address does not match any authorized sender address on the ASL list. Email rejected by the redirector module is redirected to a web-based messaging (WBM) module which sends a message to the sender to confirm that the sender is a legitimate sender of email to the intended recipient. If the sender logs on to confirm their status, the WBM module executes an interaction procedure which can only be performed by a human, in order to ensure that the confirmation procedure is not performed by a mechanical program. The ASL manager maintains the ASL lists based upon sender address data collected from various sources and analyses of various email usage factors, including sent email, received email, contact lists maintained by the user, user preference inputs, third party programs, etc.

This U.S. patent application claims the priority of U.S. ProvisionalApplication 60/150,025, filed on Sep. 1, 1999, entitled “Unwanted EmailFiltering System”, and U.S. Provisional Application 60/180,937, filed onFeb. 8, 2000, entitled “Unwanted Email Filtering System”, both by thesame inventor.

FIELD OF THE INVENTION

This invention relates to a system for eliminating unwanted email, andparticularly to one in which all email must be recognized as sent by anauthorized sender in order to be accepted.

BACKGROUND OF THE INVENTION

Unwanted or unauthorized email is a significant bane for users onworldwide networks, such as the current public Internet. Once a person'semail address becomes known in a network system, it can easily bereplicated in computerized lists and passed on electronically to anunlimited number of parties who have not been authorized or invited tosend email to the user. A user's electronic mailbox can become inundatedwith such unauthorized email. Unauthorized or unwanted email is referredto generically in the industry by the term “spam”, although the term isnot intended to be associated with or to disparage the popular cannedmeat product sold under the trademark “Spam” by Hormel Corp. The usermay have an email address with a commercial information service provider(ISP) service which limits the amount of email that can be acceptedand/or stored or which charges the user by the volume received. The usermay also waste a significant amount of time opening and reviewing suchunwanted email. Unauthorized email may also be sent by unscrupulouspersons who may enclose a virus or noxious software agent in the emailwhich can infect the user's computer system, or which can be used as anunauthorized point of entry into a local network system that handles theuser's email.

Most, if not all, of the current software to control the receipt of spamis based upon the use of identifying lists of known spam sources orsenders (“spammers”). Such conventional spam control software functionson the basis of receiving all email as authorized unless a sender isidentified as being on the exclusion list and the email can be filteredout. This approach is only as good as the identifying list and cannotguarantee that the user will not receive spam. Spammer lists requirefrequent updating and must be distributed in a timely manner to allsubscribers to the spam control software or service. Sophisticatedspammers frequently change their source Internet address, and can defeatattempts to keep exclusion lists current. They can also route theunwanted email through the Internet servers of other parties so as todisguise the source of the emails through innocuous or popularlyrecognized names. A user's email address may also become known to largenumbers of individuals in public chat rooms or on public bulletinboards. Unwanted email sent by individuals are not tracked on spammerlists, because the sending of email by individuals is technically notspamming.

SUMMARY OF THE INVENTION

Accordingly, it is a principal object of the present invention toprovide a spam control system that cannot be defeated by spammers whofrequently change their source addresses or disguise themselves byrouting email through other servers, or by individuals who send emailthat are not invited or authorized by the user. It is a particularobject of the invention that the system of the invention reject allemail as unauthorized unless the sender is recognized as being on theuser's acceptance list.

In accordance with the present invention, a system for eliminatingunauthorized email sent to a user on a network comprises:

(a) an email client for allowing the user to receive email sent on thenetwork addressed to a unique email address of the user,

(b) an email-receiving server connected between the network and theemail client for receiving email addressed to the unique email addressof the user, said email-receiving server having an authorized senderslist (ASL) module which maintains an ASL list of email addresses ofexternal users authorized to send email to the user, and

(c) an email rejection module operable with the ASL module for rejectingthe receipt of email sent to the email address of the user if the emailaddress of the sender is not one that is maintained on the ASL list forthe user.

In a preferred embodiment, the system's ASL module includes an ASLdatabase for storing ASL lists of authorized sender addresses forrespective subscribers of the system, a spam processor module forchecking the ASL lists for matches, and an ASL manager for creating,maintaining, and updating the ASL lists. A redirector module rejectsemail if, upon sending a request for validation to the spam processormodule, the sender's address does not match any authorized senderaddress found on the ASL list. Email rejected by the redirector moduleis redirected to a web-based messaging (WBM) module which sends amessage notifying the sender to confirm that the sender is a legitimatesender of email to the intended recipient. If the sender logs on toconfirm their status, the WBM module executes an interaction procedurewhich can only be performed by a human, in order to ensure that theconfirmation procedure is not performed by a mechanical program. The ASLmanager maintains the ASL lists based upon sender address data collectedfrom various sources and analyses of various email usage factors,including sent email, received email, contact lists maintained by theuser, user preference inputs, third party programs, etc.

The invention also encompasses associated methods of performing theabove functions, as well as related software components which enablethese functions to be performed.

Other objects, features, and advantages of the present invention will bedescribed in further detail below, with reference to the followingdrawings:

BRIEF DESCRIPTION OF DRAWINGS

FIG. 1A is a block diagram illustrating a standard Internet email systemusing the conventional method for filtering email from spammers (PriorArt), as compared to FIG. 1B which shows a conceptual overview of asystem in accordance with the present invention.

FIG. 2 is a process flow diagram for a preferred embodiment of theanti-spam system of the present invention.

FIG. 3A is a block diagram illustrating a standard SMTP send emailprocess (Prior Art), as compared to FIG. 3B which shows a modified sendemail process used in the present invention.

FIG. 4A is a block diagram illustrating a standard SMTP receive emailprocess (Prior Art), as compared to FIG. 4B which shows a modifiedreceive email process used in the present invention.

FIG. 5 is a process flow diagram illustrating the operation of ananti-spam processing routine in the preferred embodiment of theinvention.

FIG. 6 is a process flow diagram illustrating the detailed operation ofa Web-Based Messenger (WBM) routine for handling email initiallyrejected by the anti-spam control.

FIG. 7A is a block diagram illustrating a standard SMTP send-receiveemail handling process (Prior Art), as compared to FIG. 7B which shows amodified Redirector process for handling received email.

FIG. 8 is a schematic diagram illustrating the structure and operationof the ASL Manager in the preferred embodiment of the spam controlsystem.

FIG. 9 illustrates a detailed implementation of examples of processingof email send/receive and user contact data into specific forms ofactions taken by the ASL Manager.

DETAILED DESCRIPTION OF INVENTION

In contrast to the known approaches of existing spam control methods ofaccepting all email unless listed on an exclusion list as unauthorized,the fundamental principle of the present invention is to reject allemail unless listed on an inclusion list as authorized. In this manner,it is possible to filter out email that comes from unrecognized spammersas well as individuals who send email that is uninvited by the user.Unlike the known email filtering systems, the present invention does notattempt to filter out the unwanted email after it has been accepted.Rather, it outright rejects the email at the earliest entry level. Thus,the invention operates on the premise that all email will be treated asunauthorized unless the sender is found to be on an “authorized senders”list in order to be accepted by the user. This provides an inherentlypowerful and 100% effective spam control solution in an environmentwhere spammers can instantaneously change their source address orapparent identity and individuals in public areas can obtain emailaddresses of other users and send them unwanted email.

The following is a detailed description of one preferred embodiment of asystem for implementing the invention concept. In this embodiment, thespam control system intelligently formulates the “authorized senders”list based upon an ongoing analysis of the user's email usage, such asto whom and with what frequency sent email is addressed to other users,and through the gathering of high-level user contact data, such as auser's known contacts and associates identified on other lists or filesmaintained by the user which indicate persons considered as authorized.The “authorized senders” list may also be updated and manipulated by theuser at any time to add or remove authorized senders. While thisspecific implementation is used, and certain components are provided andconfigured to be interoperable in the described ways, it is to beunderstood that the full scope of the invention is deemed to encompassmany other suitable modifications and variations to the describedguiding principles of the invention.

FIG. 1A is a block diagram of a standard email system for sending andreceiving email on the Internet and is used to explain the conventionalmethod for filtering out email from spammers. The system follows astandard industry protocol for handling email on the Internet, referredto as SMTP. Users typically subscribe with a chosen ISP for Internetaccess and related services, including email services. The users accessthe Internet through the ISP using a dialup or high-speed lineconnection and a standard browser. The browser includes or functionswith a standard email client 101, such as the Outlook™ email clientdistributed by Microsoft Corp., headquartered in Bellevue, Wash., or theNetscape™ email client used by AOL/Netscape, headquartered in Fairfax,Va. The ISP operates at a website address corresponding to its domainname which is addressable by users on the Internet. The ISP's servicefunctions are performed for a large number of subscribers through one ormore servers. Typically, an email server 102 is used to handle the emailservice functions. Email sent to the ISP from the Internet is receivedat SMTP Server 102 b, where various administrative functions areperformed, such as checking whether the addressee is an authorizedsubscriber of the ISP, then the email is placed in a storage spacereserved for that user, referred to as Inbox 102 a. When users connectto the ISP, they can retrieve their email and store it with their ownemail client (on their own computer). Users can send email by composingit locally at their email client, then uploading it to the SMTP Server102 b at the ISP, which then routes it to the recipient's email addresson the Internet.

Conventional anti-spam control can be implemented with the SMTP Serverand/or at the email client. Many ISPs implement an exclusion list ofknown spammers at the SMTP Server. In addition, they commonly allow auser to filter out unwanted email from certain senders known to theuser. For example, the user's email client may have a filtering functionthat allows the user to input unwanted sender email addresses to theSMTP Server so that email received by the SMTP Server can be filteredout before being put into the user's Inbox. Further, independentsoftware vendors sell sophisticated email handling programs that workwith the user's email client. For example, some handling program havefunctions for categorizing received email into topical file folders, andemail from unrecognized senders may be put into a “Miscellaneous” or“Unrecognized” file folder.

In FIG. 1B, a conceptual overview of a system in accordance with thepresent invention is shown. As before, the standard email client 101 isconnected to an email server 104 for sending and receiving email to andfrom the Internet via SMTP Server 104 b and Inbox 104 a. However, inthis modified email server 104, an Authorized Sender List (ASL) Managercaptures recipient email addresses from email sent by the user, as shownat block 105, and also captures to sender email addresses from emailsent to the user, as shown at block 106. The ASL Manager analyzes thecaptured sender email addresses and recipient email addresses andemploys certain pre-defined rules (described in further detail below) toadd or remove email addresses from the “authorized senders” list,referred to as the ASL List or Database. The ASL List is used by theSMTP Server 104 b to accept only email from senders on the ASL List andplace the accepted email in the user's Inbox 104 a, while rejecting allother email as “unauthorized”, as indicated at block 107.

Referring to FIG. 2, the process flow for the operational steps of theanti-spam system of the present invention will now be described. Certainterms used in the description are defined below:

-   SPAMKAPU: An example of the spam control system of the invention.-   SUBSCRIBER: A person subscribing to an ISP email service that is    using the spam control system of the invention.-   FRIEND: An email-sending source that is authorized by the spam    control system to send email to the SUBSCRIBER.-   SPAMMER: An email-sending source that is not authorized to send    email to the SUBSCRIBER, which is commonly understood to be an    unknown or unauthorized party that is using a manual or computerized    email list mailing program to send large volumes of emails    repetitively through the Internet.-   CONTACT: An email-sending source that has been identified by the    system as a legitimate correspondent of the SUBSCRIBER is authorized    by the system to send email to the SUBSCRIBER.-   SUSPECT: An email sending source that has not yet been identified as    either a SPAMMER or a CONTACT.

Email sent from the Internet (103) is sent to the email address of theISP for the SUBSCRIBER, referred to in block 201 as the SpamKapu EmailAddress (SKE). Received email must first pass through the Redirector202. The Redirector 202 sends a request for validation for the emailfrom the Spam Processor 203 which maintains the Spam Processing Database(SPDB) 203 a, including the Authorized Senders List (ASL) 203 b. TheSPDB Database and ASL List are the heart of SPAMKAPU, as they containthe lists of persons authorized to send email to the respectiveSUBSCRIBERS of the system. The Spam Processor 203 sends a response,either that the sender's address on the email is not authorized on theASL List, i.e., is a SPAMMER, or is authorized on the ASL List, i.e., isa FRIEND. If the response is that it is a SPAMMER, the Redirector 202rejects the email, as shown at block 204, such as by sending a standarderror message to the sending server that the user as addressed does notexist.

As a refinement to the system, a Web-Based Messenger (WBM) process atblock 205 may be set up to provide a corrective procedure in the eventthat the rejected email is from someone not authorized but not listedpermanently on the ASL List as a SPAMMER. The unauthorized email mayactually be from a person who has not been previously processed in theanti-spam system but who has a legitimate reason to reach theSUBSCRIBER. The WBM process 205 is set up as part of the spam controlsystem to which the rejected email is redirected. Upon receipt of theredirected email, the WBM process stores it in the WBM database,assigning the email a unique ID code and also an expiration date. TheWBM process then sends an error response email to the email sender, whois now treated as a SUSPECT. For example, the error message may read:

-   -   “An email sent by you to SUBSCRIBER's address was redirected to        this site as being sent from an unrecognized sender address        which may be a source of spam email. If you would like to        confirm yourself as a person with legitimate reason to reach the        SUBSCRIBER, please visit the WBM site (or send a reply email)        and confirm your status as a CONTACT.”

The WBM may have a separate web site address for interactions withSUSPECTS, or it may be set up to receive and recognize email responsesfrom SUSPECTS. When a SUSPECT receives the error response email, if theyare a legitimate CONTACT for the SUBSCRIBER, they may elect to go to theWBM site or send a reply email in order to confirm their status as alegitimate CONTACT. If done before the expiration date, the WBM processwill add a special codeword such as “contact:” to the subject line ofthe redirected email, as shown at block 206, and re-route the email tothe Authorized Sender Mailbox (ASM) 209. The sender address for emailre-directed through this process is also stored (as indicated by thedashed line to block 210) and logged for further analysis by the ASLManager 211, to determine if the status of the SUSPECT should beupgraded to FRIEND and added to the ASL 203 b. If the SUSPECT does notrespond, this fact is also sent to the ASL Manager for further analysis.The extra confirmation step effectively eliminates SPAMMERS since theyuse automated programs to send out batch email and typically will nottake human response time to log on to the WBM site or send a reply emailto confirm their legitimate status.

If the Spam Processor sends a validation response that the sender is aFRIEND, then the Redirector 202 passes the email to the SMTP ReceiveManager, at block 208, which performs its administrative function ofchecking the SUBSCRIBER's status and storing the email in ASM 209, whichis the SUBSCRIBER'S Inbox. The user can now collect their email from theASM Inbox (using standard Internet protocols such as POP3 or IMAP4)through the user email client 101 on their computer. Their email is 100%spam-free, since all email from senders not recognized by the system asauthorized has been rejected. The SMTP Receive Manager 208 is alsoconfigured to log the information of receipt of the email from a FRIENDand send it to the ASL 203 b for further analysis, as indicated at block210.

Users send email composed on and sent from the email client 101 viastandard SMTP protocols to the ISP's email server. The ISP's SMTP serveris responsible for providing users with email addresses within thesystem, and sending users' email to the recipients' email addresses onthe Internet 103. In the SPAMKAPU invention system, an SMTP Send Manager212 is provided to intervene in the usual send email process. The SMTPSend Manager 212 copies header information from all outgoing email andsends the data to the ASL Manager 211, then sends the email on to itsintended destination. The ASL Manager 211 performs one of the keyfunctions in the invention system. It analyzes the header data from sentemail and data from other data sources 213 maintained by the ISP emailserver system, such as email logs and user-supplied lists. On the basisof its analysis routines (to be described in further detail below), theASL Manager 211 checks, populates, and updates the SPDB Database and ASLList with the email addresses and other data on senders authorized tosend email to the SUBSCRIBERS. The SPAMKAPU system also includes UserMaintenance Modules (UMM) 214 which allows the user to interact with andupload user information to SPAMKAPU for further customization ofSPAMKAPU's email operations for the user.

Referring to FIGS. 3A and 3B, a standard SMTP send email process (PriorArt) is shown compared to a modified send email process used in thepresent invention. In the standard send email process, in FIG. 3A, emailsent from the user's email client to the ISP's email server may bepre-processed, such as checking for correct syntax, alias expansion,etc., and to identify the list of recipient email addresses (could be 1or more). The server email manager gets each recipient email address inturn and attempts to establish a connection to the destination SMTPserver and verify if the recipient email address is proper. Ifnegotiation is unsuccessful, an error messages returned to the sendingSMTP server. If negotiation is successful, the sending server sends themessage body to the destination server and performs a proper “closeconnection” operation. In the modified send email process of theinvention, in FIG. 3B, the email sent from the client is pre-processed,recipient(s) are indentified, and connection(s) with the destinationserver(s) are attempted as usual. Upon successful negotiation, theSPAMKAPU SMTP Send Manager 212 copies the successful recipient emailaddress(es) and sends the data to the ASL Manager 211. On the assumptionthat the SUBSCRIBER authorizes email to be received from any person theSUBSCRIBER has sent email to, the proper email addresses of persons towhom the SUBSCRIBER has sent email are added to the ASL List of personsauthorized to send email to the SUBSCRIBER. The sent email data can beused in further analyses by the ASL Manager, e.g., to upgrade a person'sauthorized status from temporary to permanent if more than a thresholdnumber of email is sent by the SUBSCRIBER to the same person.

Referring to FIGS. 4A and 4B, a standard SMTP receive email process(Prior Art) is shown compared to a modified receive email process usedin the present invention. In the standard receive email process, in FIG.4A, email is received by the SMTP server from sender sources on theInternet and the server stores the email in the user's Inbox. In themodified receive email process of the invention, in FIG. 4B, thereceived email is subjected to processing by the Redirector 202 todetermine if the sender's address is that of an authorized person on theASL List. If authorized, the SMTP server stores the email in the user'sInbox after the SMTP Receive Manager 208 captures the sender's addresson the email in the address log step 210 to be sent to the ASL Manager211. Even though the sender is already on the ASL authorized personslist, the received email data can be used in further analyses by the ASLManager, e.g., to upgrade a persons authorized status from temporary topermanent if email from that person is received on an ongoing basis andhas not been changed by the user.

In FIG. 5, a process flow diagram illustrates the operation of the SpamProcessor 203. At block 501, a request from the calling routine, hereRedirector 202, seeks validation whether a received email is from anauthorized sender. The request identifies the parameters who the emailis FROM and who it is sent TO. The Spam Processor 203 uses the TOaddress to lookup that user's ASL list 203 b in the SPDB Database 203 a,as indicated at block 502. The lookup procedure follows a loop 503 ofreading the next ASL record on the user's ASL list, checking for a matchto the email FROM address (authorized person), reading the next recordif there is no match of the current record, executing the matchcondition by issuing a TRUE value if found, otherwise returning for thenext record, as indicated at block 504. At block 505, if a TRUE VALUE isissued, then at block 505 the action is taken of setting the outputvalue to FRIEND, otherwise if no TRUE value is issued after the entirelist has been processed, the action is taken of setting the output valueto SPAMMER. At block 506, the returned value is sent as a message to thecalling routine, i.e., the Redirector 202. If the returned value isSPAMMER, a standard error message is included. As a default option, ifno ASL list is found for the user, the system returns the value FRIEND,as indicated at block 507, in order to allow the email to be accepted asa temporary condition until an ASL list can be established for thatuser. The request processing routine can be implemented using industrystandard PERL programming syntax and incorporating a PERL interpreter toexecute the processing rules.

In FIG. 6, a process flow diagram illustrates the detailed operation ofthe Web-Based Messenger (WBM) routine for handling email rejected by theRedirector 202 (see FIG. 2). Preferably, the WBM process is implementedvia interaction with a rejected sender at a separate Web site address.In Phase 1, corresponding to step 204 in FIG. 2, the WBM process isinitialized at block 601 by the ASL rule returning a value for rejectingan email as sent from a SPAMMER by the Redirector 202. At block 602, aunique ID number is assigned to the email in the WBM database and agiven expiration date is set, e.g., 48 hours. At block 603, a returnmessage is added along with the unique ID code to the body of theSPAMMER's email and sent back to the sender's email address in order tonotify the SPAMMER to go to the WBM web page if they wish to followthrough with contacting the SUBSCRIBER. The WBM then waits for theSPAMMER to go to the WBM site to complete the process, referred to asPhase 2. At block 604, the SPAMMER accesses the WBM web site and agreesto the displayed terms and conditions of usage. At block 605, the WBMprocess verifies that the time for response for the email correspondingto the ID number has not expired. The WBM then follows a test procedureto ensure that the responding SPAMMER is not being implemented by amechanical program. For example, at block 606, a word stylized innon-standard font can be displayed as a graphic image, and at block 607the SPAMMER is prompted to type the word that appears in the graphic. Amechanical program would not be able to read a graphic image of a wordin unrecognizable font. At block 608, if the WBM process determines thata correct word has been typed, the SPAMMER's status is upgraded toSUSPECT on the user's ASL list. At block 609, the WBM process presents aform to enable the SUSPECT to enter a short message to be sent to theSUBSCRIBER. For example, the SUSPECT can ask the SUBSCRIBER to make surethe anti-spam control has been updated to allow email. At block 610, theemail and message is sent, by routing directly to the ASM email box forthe SUBSCRIBER, along with modification of the header to include acodeword or flag, e.g., adding the word “contact:” to the subject line.The codeword can be discerned in the ASM email logging step 210 in FIG.2, in order to differentiate the redirected email from other emaildetermined to be authorized email. At block 611, the SUBSCRIBER can nowread the SUSPECT's email. If the SUBSCRIBER sends a reply to the email,the SUSPECT's status may be automatically upgraded to FRIEND, or theSUBSCRIBER may upgrade the status to FRIEND manually by interaction withthe ISP email server through the UMM 214. At block 612, if theSUBSCRIBER determines that the email is from someone whose email shouldbe rejected without a WBM error reply option, the SUBSCRIBER mayoptionally downgrade the status permanently to SPAMMER through the UMM214.

Referring to FIG. 7A, a block diagram illustrates a standard SMTPsend-receive email handling process (Prior Art), as compared to FIG. 7Bwhich shows a modified Redirector process for handling received email.In the standard process, the Sender-SMTP 701 requests connection to theReceiver-SMTP 702, which accepts the connection if available. The SenderSMTP then performs the task in its Send Email loop of sending therecipient's email address. At block 703, the Receiver-SMTP confirms ordenies whether the recipient exists or whether it has authority toprocess email for this user. If confirmed, the Sender-SMTP sends themessage body and marks the end of the message. At block 704, theReceiver-SMTP receives the message body and sends it to the email box ofthe recipient (or recipients if the message is sent to more than onerecipient at that SMTP server address.

In FIG. 7B, the Sender-SMTP 701 and Receiver-SMTP 702 perform theirusual establishing of a connection and check for valid recipient e-mailaddress. However, in this modified process implemented in conjunctionwith the Spam Processor 705, the sender's FROM address is stored by theSpam Processor for later use, as indicated at block 706. At block 707,the sender's FROM address and the recipient's TO address are sent to theSpam Processor 705, by a request for validation by the Redirector asdescribed previously. At block 708, after checking the recipient's ASLlist to determine whether the sender is authorized, the Spam Processorcan return a response of FRIEND or a response of SPAMMER with anaccompanying error message. If the response is FRIEND, an output is sentto the Sender-SMTP confirming that the email can be received, and theemail is sent to the Receiver-SMTP as usual. At block 709, theReceiver-SMTP puts the email in the recipient's email box and, ifdesired, can include a message noting that the sender was identified onthe ASL list as a friend. If the response is SPAMMER, then an errormessage is returned to the Sender-SMTP that the recipient does not existor the Recipient-SMTP is not authorized to accept the email. Optionally,the Receiver-SMTP may send the email through the WBM process, asdescribed previously (indicated at block 710), if the response from theSpam Processor indicates that the status of the sender is an unknownsender (as opposed to having the confirmed status of SPAMMER).

In FIG. 8, a schematic diagram illustrates the structure and operationof the ASL Manager, previously described as component 211 with respectto FIG. 2. The ASL Manager preferably is structured to have an ASLOn-Demand Processor 801 and an ASL Scheduler Processor 802, both ofwhich interact with an ASL Rules Processor 803, which also exchangesdata with the Spam Processor Database (SPDB) 203 a. Email addresses sentto and received from the SMTP Send Manager 212 and SMTP Receive Manager208 are processed by the ASL On-Demand Processor 801 which executes theappropriate rules in conjunction with the ASL Rules Processor 803.Content from a variety of other sources, including compatible thirdparty plug-ins, can also be processed to create, populate, and updatethe ASL Lists stored in the SPDB 203 a. For example, content may bereceived from a “Drag and Drop Manager” for conveniently handling useraddress inputs while working with the email client, user address inputsfrom Web sites while working with an associated browser, addresses addedby the user to a desktop contact manager, such as the Microsoft Outlook™Address Book, or other contact lists, and other address inputs generatedby third party software that can operate with the user's clientprograms.

The ASL Scheduler Processor 802 is used to process tasks on a scheduledbasis for various analysis and maintenance functions. This allows a veryrich examination of the SUBSCRIBER's ASL list, mail log, and other datafiles, to continually refine the “authorized senders” list for accuracyand relevance. For example, the processor functions can include: an ASLMail Log Analyzer for analyzing the ASL Mail Log database 803 a of theSUBSCRIBER's received and sent emails; an Expiration Date Analyzer forsetting and enforcing expiration dates for authorized senders to bere-authorized; a Low Volume Analyzer for downgrading or eliminating theauthorization status of senders with whom the SUBSCRIBER communicatesvery infrequently; a High Volume Analyzer for upgrading or permanentlymarking the authorization status of senders with whom the SUBSCRIBERcommunicates very frequently; a Fuzzy Logic Analyzer for makingqualitative decisions as to FRIEND or SPAMMER status based on a varietyof factors; and other Third Party Analyzers for analyzing data generatedby third party plug-ins and programs to refine the ASL list.

The ASL Rules Processor 803 contains the rules (in an ASL Manager RulesDatabase) that determine how to add, update or modify the ASL Listsmaintained in the SPDB. Database 203 a. The Rules Processor can have anarchitecture that readily accepts and interoperates with third partydatabases 803 b and applications programs 803 c in order to harness thecollective power of developers in the network communications industry tocontinually improve and extend the SPAMKAPU system's feature set. Theultimate result of this architecture is to enable the creation of a veryrichly detailed ASL database which goes beyond even the totalelimination of spam email into other or future needs of users for thedynamic and intelligent handling of email.

In FIG. 9, a detailed implementation is illustrated of examples ofprocessing of email send/receive and user contact data into specificforms of actions taken by the ASL Manager. The basic process flowconsists of: Step 901 of looping through each line of an ASL list(called a Table) comparing the FROM address captured from an incomingemail for a match; Step 902 of determining whatever condition or statusflag has been set for the matched entry, then executing thecorresponding condition rule as maintained on the Condition Table,resulting in return of a Return Value; and Step 903, based on the ReturnValue, executing the corresponding action rule as maintained on theAction Table, and exiting with a Final Return Value from this action. Tofollow one example through this process flow, Step 901 finds a FROMmatch of the sender address john@home.com, Step 902 notes the expirationdate condition “before Dec. 1, 2003” and executes the “before” conditionon the Condition Table to return a value of “True” if today's date isless than the indicated expiration date, and Step 903 notes that thesender status action (if condition is True) is “friend” and executes the“friend” action on the Action Table to return a Final Return Value ofFRIEND (no parameters needed) as the validation response of the SpamProcessor.

The specific programming syntax or execution logic of the ASL Managerrules processing may be varied in any suitable manner depending on thedeveloper of the Spam Processor application. The following examples ofsome options for ASL Manager actions illustrate a wide range ofapproaches that may be used:

-   -   MATCHING AN EMAIL ADDRESS OR ADDRESS PATTERN:    -   (a) Default: exact match    -   (b) A specific email address: john@company.com    -   (c) UNIX Standard wildcard matching:        -   *.microsoft.com=anything from “Microsoft.com”        -   *microsoft*=anything with microsoft in it        -   *.mil=any email from the military    -   (d) Matching any known “blackhole list” by using a % BLACKHOLE %        symbol.    -   USING A CONDITIONAL AND PARAMETERS TO EXECUTE IF THE MATCH IS        TRUE    -   USING A SECONDARY ACTION AND PARAMETERS TO PERFORM IF THE        CONDITIONAL IS TRUE    -   USING THE LAST DATE THE SUBSCRIBER SENT EMAIL TO THIS ADDRESS    -   USING THE LAST DATE THIS ADDRESS SENT EMAIL TO THE SUBSCRIBER    -   USING DATE THE RECORD WAS CREATED

EXAMPLES OF CONDITIONALS THAT CAN BE USED

-   -   (a) Expiration dates: use a given address until Feb. 12, 2004    -   (b) Date ranges: use a given address from Apr. 1, 2004 to May 2,        2004    -   (c) Specific recurring times: first week of every month but no        other time, e.g., newsletter@magazine.com acceptable during        1^(st) week of each month.    -   (d) A link to external software designed to allow for additional        user-defined criteria; this allows for third party applications

EXAMPLES OF MESSAGES THAT MAY BE INVOKED BY A GIVEN SECONDARY ACTION

-   -   (a) Standard “error”    -   (b) Custom with variable substitution in the message body, e.g.:        -   % username % is substituted with the sender's email address        -   % subid % is the ID code of the subscriber        -   % date % is today's date    -   (c) “hello % username % you have been identified as spam, go to        http://www.spamkapu.com/subscriber=% subid % and if you're        really human we'll let you in.    -   (d) Custom text: “All email addresses from America Online are        unconditionally rejected”    -   (e) Send a given message in the error response.    -   (f) Send a given message as an email.    -   (g) Open a file and email its contents    -   (h) Open a file and send its contents as an error response.    -   (i) Set the sender's status to SPAMMER or FRIEND    -   (j) Create a unique ID that will expire after a short time        period (24-48hrs). This id can be used by the SUSPECT to access        the WBM and become a CONTACT.    -   (k) Give SMTP default error message    -   (l) Link and execute external software designed to allow for        additional user-defined actions; this allows for third party        applications.

In summary, the present invention provides a spam email rejection methodwhich analyzes the sender address of incoming email and determineswhether it is to be rejected or accepted depending upon managed lists ofauthorized senders. This is a significant departure from existinganti-spam processing systems which accept all email and attempts tofilter out only those that have sender addresses recognized as those ofknown spammers. The invention method does not filter out unauthorizedemail, rather it rejects all email unless authorized. The ASL Manager inthe system captures and analyzes sender and recipient usage patterns foroutgoing and incoming email in order to refine the “authorized senders”lists. The analysis of this data provides a rich foundation forrules-based decisions as to which sender addresses are consideredSPAMMER and which are not. This data creates an “authorized sender” listof FRIENDS, as opposed to a list of known SPAMMERS, thereby ensuringthat no unsolicited or uninvited email will ever pass through to theSUBSCRIBER's email box.

It is understood that many other modifications and variations may bedevised given the above description of the guiding principles of theinvention. It is intended that all such modifications and variations beconsidered as within the spirit and scope of this invention, as definedin the following claims.

I claim:
 1. A system for eliminating unauthorized email sent to a useron a network comprising: (a) an email client for allowing the user toreceive email sent on the network addressed to a unique email address ofthe user, (b) an email-receiving server connected between the networkand the email client for receiving email addressed to the unique emailaddress of the user, said email-receiving server having an authorizedsenders list (ASL) module which maintains an ASL list of email addressesof senders authorized to send email to the user, and (c) an emailrejection module operable with the ASL module for rejecting the receiptof email addressed to the email address of the user if the email addressof the sender is not one that is maintained on the ASL list for theuser.
 2. A system according to claim 1, wherein the ASL module includesan ASL database for storing ASL lists of authorized sender addresses forrespective subscribers of the system, a spam processor module forchecking the ASL lists for matches, and an ASL manager for creating,maintaining, and updating the ASL lists.
 3. A system according to claim2, further comprising a redirector module operable with the ASL modulefor receiving an email-sending message designating the sender's FROMaddress and intended recipient's TO address, for sending a request forvalidation to the spam processor module to determine whether thesender's FROM address matches any authorized sender address maintainedon the ASL list corresponding to the TO address of the intendedrecipient, for accepting the email if a match to an authorized senderaddress is found, and for rejecting the email if no match to anauthorized sender address is found on the ASL list.
 4. A systemaccording to claim 3, further comprising a web-based messaging (WBM)module to which email rejected by the redirector module is redirectedand which sends a message to the address of the sender of the rejectedemail notifying the sender to confirm that the sender is a legitimatesender of email to the intended recipient.
 5. A system according toclaim 4, wherein the WBM module includes a separate web site to whichthe notified sender can log on and confirm that the sender is alegitimate sender of email through an interaction procedure which canonly be performed by a human.
 6. A system according to claim 5, whereinthe interaction procedure includes a display of a graphic image of aword in a non-standard font, and an input for the sender to enter in aword corresponding to the graphic image of the word, whereby the systemcan confirm that the interaction procedure is not performed by amechanical program.
 7. A system according to claim 4, wherein once thesender is confirmed as a legitimate sender of email to the intendedrecipient user, the WBM module sends the email to the user's email boxwith a code that indicates that the email was rejected by the redirectormodule but confirmed as legitimate by the WBM module.
 8. A systemaccording to claim 3, further comprising an email-receiving manager forcapturing FROM and TO addresses of email accepted by the redirectormodule and sending the data to the ASL manager for later analysis.
 9. Asystem according to claim 2, further comprising an email-sending managerfor capturing FROM and TO addresses of email sent from the email clientand sending the data to the ASL manager for later analysis.
 10. A systemaccording to claim 2, wherein the ASL manager further includes a rulesprocessor for processing predefined address capture rules for updatingthe ASL lists using data from an email address source selected from thegroup of email address sources consisting of: received email; sentemail; user inputs to email service functions on the email client;inputs from user browsing of web sites; user desktop organizer and othercontact lists; and third party address program inputs.
 11. A systemaccording to claim 2, wherein the ASL manager further comprises a rulesprocessor for processing predefined analysis rules for updating the ASLlists using data from an analysis source selected from the group ofanalysis sources consisting of: user email log analysis; expiration dateanalysis; low/high email volume analysis; fuzzy logic analysis; andthird party data analysis.
 12. A system according to claim 2, whereinthe ASL manager maintains the ASL lists designating a sender-addressstatus selected from the group of sender-address statuses consisting of:always authorized as a friend; authorized as a friend over a date range;authorized as a friend before an expiration date; always rejected as aspammer; rejected as a spammer matching a black list; and rejected as aspammer sent with an error message.
 13. A method for eliminatingunauthorized email sent to a user on a network comprising the steps of:(a) receiving email addressed to the unique email address of the user,(b) maintaining an authorized senders list (ASL list) of email addressesof external users authorized to send email to the user, and (c)rejecting the receipt of email sent to the email address of the user ifthe email address of the sender is not one maintained on the ASL listfor the user.
 14. A method according to claim 13, further comprising thestep of redirecting the rejected email to a web site for sending amessage to the sender of the rejected email notifying the sender toconfirm that the sender is a legitimate sender of email to the intendedrecipient.
 15. A method according to claim 14, further comprising thestep of performing an interaction procedure at the web site with thenotified sender which can only be performed by a human.
 16. A methodaccording to claim 13, wherein said ASL list maintaining step includesupdating the ASL lists using data captured from any of the followingsources: received email; sent email; user inputs to email servicefunctions; inputs from user browsing of web sites; user desktoporganizer and other contact lists; and third party address programinputs.
 17. A method according to claim 13, wherein said ASL listmaintaining step includes updating the ASL lists using data obtainedfrom analysis of any of the following factors: user email log analysis;expiration date analysis; low/high email volume analysis; fuzzy logicanalysis; and third party data analysis.
 18. An email server system foreliminating unauthorized email sent via a network to the serveraddressed to a unique email address for a user of the system comprising:(a) an authorized senders list (ASL) module which maintains an ASL listof email addresses of senders authorized to send email to the user, and(b) an email rejection module operable with the ASL module for rejectingthe receipt of email addressed to the email address of the user if theemail address of the sender is not one that is maintained on the ASLlist for the user.
 19. An email server system according to claim 19,wherein the ASL module includes an ASL database for storing ASL lists ofauthorized sender addresses for respective subscribers of the system, aspam processor module for checking the ASL lists for matches, and an ASLmanager for creating, maintaining, and updating the ASL lists.
 20. Anemail server system according to claim 19, further comprising aredirector module operable with the ASL module for receiving anemail-sending message designating the sender's FROM address and intendedrecipient's TO address, for sending a request for validation to the spamprocessor module to determine whether the sender's FROM address matchesany authorized sender address maintained on the ASL list correspondingto the TO address of the intended recipient, for accepting the email ifa match to an authorized sender address is found, and for rejecting theemail if no match to an authorized sender address is found on the ASLlist.